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REMARKS 

Claims 1-6, 8-20, and 23-26 are pending in this application. By this Amendment, claims 
1, 9-13, 17 and 20 are amended, claim 21 is canceled without prejudice or disclaimer to the 
subject maner set forth therein, and claims 23-26 are added. 

No new matter is presented by this Amendment, Support for the amendments may be 
found, for example, in the Abstract, the previously presented claims, paragraph 0023 of the 
published patent application US 2003/0105981, and in the drawings, for example. The claims 
are amended to further recite features of the invention. 

Applicant respectfully requests reconsideration of the application. 

A. The Examiner Interview of June 7. 2007 

Applicant and Applicants representative appreciate the courtesies extended by Examiner 
Pyzocha in the personal interview of June 7, 2007, In the interview, various aspects of the patent 
application were discussed, including the pending claims, the invention, the applied an, and 
possible amendments to further distinguish the claims over the applied art. Further aspects of the 
discussion in the Interview are set forth below. 

In particular, Applicant notes that claims 23-26 are added in response to the discussions 
with the Examiner. Such claims recite novel features relating to each of the first system and the 
second system having a protected resource that is accessible via authentication. 
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B. The 35 U.S.C, §103 Rejection 

The Office Action rejects claims 1-6 and 8-21 under 35 U.S.C. 103(a) as being 
unpatentable over Howard ei al (US 6584505) in view of Gupta et al (US 6226752) and further 
in view of Grandcolas et al (EP 1089516). This rejection is respectfully traversed. 

The various features of claim 1 are set forth above. 

On pages 2-3, the Office Action asserts that Howard teaches various features of claim 1. 
Further, the Office Action goes on to assert that Howard fails to disclose the use of session 
token and the first system inputting a determination from the second system thai the client has 
valid a valid credential with the second system and the first system granting access to the 
protected resource on the first system to the client based on the determination from the second 
system that the client has a valid session credential with the second system and both tbe first 
and that both the first and second system have pj-otected resources. 

The Office Action then attempts to cure these deficiencies with the teachings of Gupta 

and Grandcolas, That is, on page 3, the Office Action asserrs that however, Gupta teaches the 

use of session credentials (see column 1 1 lines 10-25) and the first system inputting a 

determination from the second system that the client has valid a valid credential with the second 

system and the first system granting access to the protected resource on the first system to the 

client based on the determination from the second system that the client has a valid credential 

with the second system and both the first (see column 1 1 line 39 through column 13 line 40) 

while Grandcolas et al teaches both the first and second system have protected resources (see 

page 2 paragraph [0006]). 

In the rejection, the Office Action then asserts that at the time of the invention it would 
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have been obvious io a person of ordinary skill in the an to include the session token, The 
inputting and granting of Gupta and for both systems to provide protected resources as taught 
by Grandcolas in the system of Howard. On page 4» the Office Action asserts that the 
motivation to do so would have been to provide a single sign on solution for the web (see Gupra 
et al column 6 lines 4651) and to provide a single sign on user access to multiple web servers 
(see Grandcolas Abstract). These assertions are traversed. 

Applicam respectfully traverses the rejection as rhe Office Action fails to establish a 

prima facie case of obviousness to reject claim 1. In particular, Applicant submits that the 
motivation provided fails to support a prima facie case of obviousness to reject claim 1. As 
noted above, the Office Action asserts that the motivation to combine the an as proposed would 
have been to provide a single sign on solution for the web (see Gupta et al column 6 lines 4651) 
and to provide a single sign on user access to multiple web servers (see Grandcolas Abstract). 
However, the primary reference to Howard already provides just such capability. Thus, the 
reason the Examiner uses to combine the references is not supportable. 

That is, in the summary of the invention, Howard teaches the described invention allows 
a web user to maintain a single login IP (and associated password) that provides access to 
multiple web servers or services, and that once the user has logged into an authentication Server, 
it is not necessary to re-enter the login ID or user information when accessing other affiliated 
web servers. Howard describes the single login ID has an associated user profile that contains 
ihe registration information typically requested by web servers during a user registration process. 

Accordingly, Applicant submits that the motivation supporting the proposed combination 

of an is not supponable. That is, the one of ordinary skill would not have been motivated to 
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modify Howard so as * l \o provide a single sign on solution for the web and to provide a single 
sign on user access to multiple web servers" as alleged in the Office Action. Indeed, one of the 
very purposes of Howard is to provide such capability. Applicant submits that such alleged 
motivation vis-^-vis the proposed modifications zo Howard is so attenuated so as to not be 
supportable. 

Further, Applicant submits that the proposed modification of Howard is in conflict with 
the teachings of Howard. Aspects of Howard are described in column 8, lines 38-67. Howard 
teaches the user of the client computer system 100 accesses a web page on the affiliate server 
104 (step 230). The affiliate server determines that the user is not authenticated (with respect to 
the affiliate server) and redirects the user's browser to the authentication server (step 232). 
Next, the authentication server retrieves the affiliate information entered during registration of 
the affiliate to determine whether the most recent authentication of the user is within the 
affiliate's timeout period (step 234). If the most recent authentication is not within the timeout 
period (i.e., not acceptable), then the authentication server retrieves and authenticates the user's 
login ID and password (step 238) using, for example, the procedures discussed above with 
respect to f IG. 4. 

In column 8 7 Howard goes on to explain that if the most recent authentication is 

acceptable, then the authentication server copies the appropriate cookies to the client computer 

system and redirects the user's browser back to the affiliate server (step 240). The 

authentication server also copies certain elements of the user's profile information to the 

affiliate server (step 242). The affiliate server then generates a personalized web page and 

communicates the web page to the user's browser (step 244). The affiliate server also copies a 
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cookie to the client computer system containing information indicating thai the user of the 
client computer system has been authenticated and indicating the period of time during which 
the authentication is valid. Each time the user enters a new web page request on the same 
affiliate server, the data in the cookie is copied to the affiliate server along with the page 
request. Thus, the affiliate server will not repeatedly check the authentication of a user during 
each subsequent page request. 

Based on the above teachings of Howard, the system of Howard clearly involves the 
fundamental architecture of working off an authentication server. Relatedly, and of particular 
note vis-^-vis the rejection, Howard teaches in column 7, lines 36043, that cookies written to 
The client computer system by the authentication server cannot be read by any affiliate server. 
Howard describes that similarly, cookies written to the client computer system by a particular 
affiliate server cannot be read by any other affiliate server. The cookies written by an affiliate 
server are encrypted using a key that is unique to the affiliate server, thereby preventing other 
affiliate servers from reading the data stored in the cookies. 

Such teachings of Howard are in direcx conflict with the proposed modifications of 

Howard, as set forth in the Office Action. That is, the teaching of Howard that cookies written 

to the client computer system by the authentication server cannot be read by any affiliate server 

is in direct conflict with the proposed modification of Howard, The Office Action is essentially 

asserting that it would have been obvious to have one affiliate server read another affiliate 

server's cookie. Thus, as to the Office Action's assertion on page 8, line 9 (and as discussed in 

the Interview with Examiner Pyzocha), Applicant has provided evidence of such conflict. 

Accordingly, Applicant respectfully submits that the proposed modification of Howard, and the 
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rejection sunder 35 U.S.C. 103, is not supportable, in that such is destructive of core teachings 

of Howard. 

On page 7, the Office Action asserts: 

In this case, the portion of Gupta cited for motivation states that the single sign 
on solution is for web applications and in the paragraph following the cited motivation it 
is described that these applications include such things as email, word processing 
and ATM functions. Therefore is would be clear to one of ordinary skill in the art that 
providing a single sign on system for web applications is advantageous because a user 
would not have to enter a password for every different type of application accessing the 
web whereas Howard is related \o a single sign on session for a single application (the 
web browser}. Therefore, one of ordinary skill in the an would have been motivated to 
combine the teachings of Gupta with Howard. 

Applicant respectfully submits that such assertions are a mischaracteri2ation of the 
applied art. That is, Howard is not just related to a single sign on session for a single 
application (the web browser). Howard clearly also relates ro single login to multiple web 
servers and services, for example (see Howard, column 2, lines 15-21. 

In view of the discussions in the Examiner Interview, claim 1 is amended to recite 
further features of the claimed invention, so as to expedite prosecution of the patent application. 
In particular, claim 1 (and other independent claims) is amended to recite **ihe protected 
resource on the first system being accessible by the client only after successful authentication of 
the client at the first system". Similar features are added relating to the protected resource on 
the second server. Such features are in contrast to a "cookie" (and an interpretation that a 
cookie is the protected resource) in that a cookie is accessed prior to successful authentication, 
and is indeed a part of successful authentication. 

Further, claim 20 is amended to expedite prosecution. In particular, claim 20 is 

amended to recite further features relating to the processing of the first system vis-a-vis the 
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second system, and related authentication processing. Howard and the other applied m dearly 
fail to teach such features. 

Accordingly, Applicant respectfully submits that the applied an fails to teach or suggest 
the invention as recited in claim 1 for at least the reasons set forth above. Further, Applicant 
respectfully submits that claims 9-12, 13, 17, 20 and 21 recite patentable subject matter for 
reasons similar to those set forth above with respect to claim 1. 

Further, the various dependent claims recite patentable subject matter at least for their 
various dependencies on the independent claims, as well as for the additional subject matter such 
dependent claims recite. 

C. Conclusion 

For at least the reasons outlined above, Applicant respectfully asserts that the application 
is in condition for allowance. Favorable reconsideration and allowance of the claims are 
respectfully solicited. 

For any fees due in connection with filing this Response the Commissioner is hereby 
authorized to charge the undersigned's Deposit Account No. 50-0206. 
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Should the Examiner believe anything further is desirable in order to place die 
application in even better condition for allowance, the Examiner is invired to contact Applicant's 
undersigned representative at the telephone number listed below. 



Respectfully subnuptfd, 
HUNTON & WJKLIAMS 




James R, 

Regisu&kffr No. 40,444 



Hunton & Williams 
1900 K Street, N.W., Suite 1200 
Washington, D.C. 20006-1109 
(202) 955-1500 

Dated: . 

JRM/ad-sn<J 8-8-07 
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